Arcade.dev
Agent identity & tool-calling runtime
Arcade.dev is an agent authorization and tool-calling runtime — "SSO for AI agents." Built by ex-Okta/Auth0 engineers, it lets agents act as the real user via OAuth, brokering tokens and secrets so tool calls run with the right identity and scopes, and enforcing per-action authorization at runtime.
Zenity
Agentic AI security (AISPM + agent detection & response)
Zenity secures AI agents across Microsoft Copilot, low-code platforms, Salesforce Agentforce and custom clouds — discovery and posture management (AISPM), least-privilege permission analysis, and runtime detection & response (AIDR). A 2025 Gartner Cool Vendor in Agentic AI TRiSM.
How they compare
Twelve criteria that decide whether an enterprise can prove — not just hope — that its AI agents stay inside policy.
| Criterion | Arcade | Zenity |
|---|---|---|
| Deterministic, rule-based authorization | ● | ◐ |
| Pre-execution enforcement | ● | ◐ |
| Segregation of Duties enforcement | ○ | ○ |
| Excessive-agency prevention / least privilege | ◐ | ● |
| Design-time action-surface mapping | ◐ | ◐ |
| Compliance-classified tools catalog | ◐ | ◐ |
| Full lifecycle coverage (design-time + runtime) | ◐ | ● |
| Named-approver human-in-the-loop routing | ◐ | ○ |
| SOX / GDPR / financial-GRC control mapping & evidence | ○ | ◐ |
| AI-specific standards (ISO 42001, EU AI Act, NIST AI RMF, OWASP LLM) | ○ | ◐ |
| Immutable / tamper-evident audit ledger | ◐ | ◐ |
| GRC / internal-audit / IT-governance buyer fit | ○ | ○ |
Where Arcade.dev is strong
- OAuth token brokering and agent identity — its crown jewel, built by ex-Okta/Auth0 engineers
- Deterministic, scope-based authorization checks on each tool call
- Broad MCP runtime — 7,500+ tools across 81 servers, with an open-source SDK
- Pre/post-execution hooks that can inspect and block requests inline
Where Zenity is strong
- Best-in-class agent discovery and inventory across Copilot, low-code and SaaS sprawl
- Mature AISPM with deep permission analysis and least-privilege enforcement
- Correlates build-time posture with runtime behavior — genuine lifecycle coverage
- Strong offensive research (AgentFlayer) and Gartner analyst validation
What both leave to you: governance
Arcade.dev and Zenity secure how agents operate — but neither enforces Segregation of Duties, maps an agent's action surface at design time, or produces SOX/GDPR-grade compliance evidence. That is the layer LangGuard adds.
- Deterministic, rule-based authorization on every action — reproducible and auditable, not probabilistic
- Segregation-of-Duties enforcement built in — the only vendor in this set to ship it
- Design-time action-surface mapping plus a compliance-classified tools catalog (SoD, SOX, GDPR, ISO 42001)
- Named-approver human-in-the-loop routing and an immutable, tamper-evident audit ledger
- Built for GRC, internal audit and IT governance — with SOX/GDPR control evidence
The bottom line
Arcade.dev and Zenity are both strong runtime security tools. If your requirement is deterministic authorization, Segregation of Duties, design-time action-surface mapping, and audit-grade compliance evidence, LangGuard governs what agents are allowed to do — before they do it — and works alongside either.
Request Free TrialMore comparisons
Find out what your agents can do —
before your auditor does.
LangGuard maps your complete agent action surface in minutes. Free for the first five managed agents. All Scopes — Finance, IT, Procurement, HR — included from day one. No policy writing required.
No credit card required · First 5 agents free · All LOB Scopes included · Enterprise ready